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DETAILED ACTION 

This Office Action is in response to Applicant's Remarks and Amendments filed 
January 16, 2008. 

Claims 1-25 remain withdrawn. 
Claim 26 is amended. 

Claims 26-50 are pending and herein considered. 



Response to Arguments 

Applicant's arguments filed January 16, 2008 have been fully considered but they 
are not persuasive. 

In response to Applicant's arguments concerning Hawe's alleged failure to 
describe "receiving a frame at a first network entity from the second network entity in a 
fibre channel network" and "identifying a security control indicator in the frame from the 
second network entity, wherein the security control indicator is used to determine if the 
frame is encrypted or authenticated" the Examiner respectfully disagrees. Applicant's 
arguments fail to comply with 37 CFR 1.111 (b) because they amount to a general 
allegation that the claims define a patentable invention without specifically pointing out 
how the language of the claims patentably distinguishes them from the references. 
Insofar as Applicant's citations to Hawe, in their entirety, fail to accurately reflect 
sections within Hawe, the Examiner is unable to find support for Applicant's remarks 
concerning Hawe's "teaching away from the techniques and mechanisms of the present 
invention" and as such, maintains her previously set forth rejection. 
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In response to Applicant's arguments concerning Brewer's alleged failure to 
describe "any security association database" the Examiner has not considered such 
arguments insofar as they are not directed towards a reference currently being utilized 
by the Examiner in her rejection. Insofar as the Examiner is not relying upon Brewer in 
any way in her rejection, Applicant's remarks are moot and will not be considered 
further. 

It is based upon the above made arguments in view of the prosecution history in 
its entirety that the Examiner maintains her 35 U.S.C. 103 rejection of claims 26-50 as 
unpatentable over United States Patent No. 5,070,528 to Hawe at al. and further in view 
of US Patent No. 6,973,568 B2 to Hagerman. 

Claim Rejections - 35 USC 3 103 

The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 26-50 remain rejected under 35 U.S.C. 103(a) as being unpatentable 
over United States Patent No. 5,070,528 to Hawe at al. and further in view of US Patent 
No. 6,973,568 B2 to Hagerman. 
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As per claim 26, Hawe teaches a method for processing frames in a fibre 
channel network having a first network entity and a second network entity, the method 
comprising: 

receiving a frame at the first network entity from the second network entity in a 
fibre channel network (col. 8 lines 24-51); 

identifying a security control indicator in the frame from the second network 
entity, wherein the security control indicator is used to determine if the frame is 
encrypted (col. 6 lines 36-54); 

decrypting the first portion of the frame (col. 16 lines 1-14). 

Hawe fails to teach determining that a security association identifier associated 
with the frame corresponds to an entry in a security database and decrypting the first 
portion of the frame by using algorithm information contained in the entry in the security 
database. Hawe also fails to provide for authentication of any type. 

Hagerman teaches a secure fibre channel communication network utilizing 
security association identifiers associated with frames which correspond to an entry in a 
security database (col. 3 lines 43-47; col.7 lines 1 1-34) and decrypting the first portion of 
the frame by using algorithm information contained in the entry in the security database 
(col.7 lines 1 1-34). Hagerman goes on to teach the use of authentication within his 
system to provide for additional security (Abstract, col. 3 lines 23-42). 

It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to include within Hawe the authentication, security database, and 



Application/Control Number: 10/034,367 Page 5 

Art Unit: 2137 

decryption utilizing the security database as described in Hagerman to provide 
increased levels of security and overall scalability. 

As per claim 27, the combined method of Hawe and Hagerman teaches wherein 
the entry in the security database was created after a fibre channel network 
authentication sequence between the first and second network entities (Hagerman col. 7 
lines 1-10). 

As per claim 28, the combined method of Hawe and Hagerman teaches wherein 
the first portion is decrypted using a key contained in the entry in the security database 
(Hagerman col. 3 lines 43-53). 

As per claim 29, the combined method of Hawe and Hagerman teaches wherein 
the first portion is encrypted using DES, 3DES or AES (Hagerman col. 7 lines 1-10). 

As per claim 30, the combined method of Hawe and Hagerman teaches 
recognizing that a second portion of the frame supports authentication; using algorithm 
information contained in the entry in the security database to authenticate the second 
portion of the frame (Hagerman col. 5 lines 15-41). 
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As per claim 31, the combined method of Hawe and Hagerman teaches wherein 
the second portion is authenticated using MD5 or SHA1 (Hagerman col. 3 lines 34-42; 
col.7 lines 35-44). 

As per claim 32, the combined method of Hawe and Hagerman teaches wherein 
the authentication sequence is a fibre channel login sequence between the first and 
second network entities (Hagerman col. 3 lines 34-47). 

As per claim 33, the combined method of Hawe and Hagerman teaches wherein 
the login sequence is a PLOGI or FLOGI sequence (Hagerman col. 6 lines 6-13). 

As per claim 34, the combined method of Hawe and Hagerman teaches wherein 
the first and second network entities are domain controllers and the authentication 
sequence is a FC-CT sequence (Hagerman col.1 lines 28-40). 

As per claim 35, the combined method of Hawe and Hagerman teaches wherein 
the first and second network entities are domain controllers and the authentication 
sequence is a SW-TL sequence (Hagerman col.6 lines 6-14). 

As per claim 36, Hawe teaches a method for transmitting encrypted frames in a 
fibre channel network having a first network entity and a second network entity, the 
method comprising: identifying a fibre channel frame having a source corresponding to 
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the first network entity and a destination corresponding to the second network entity 
(col. 8 lines 24-51); providing a security control indicator in the fibre channel frame, 
wherein the security control indicator is use to determine if the frame is encrypted and 
authenticated (col. 6 lines 36-54); transmitting the fibre channel frame to the second 
network entity (col. 8 lines 24-51). 

Hawe fails to teach determining that a security association identifier associated 
with the frame corresponds to an entry in a security database and encrypting the first 
portion of the frame by using algorithm information contained in the entry in the security 
database. Hawe also fails to provide for authentication of any type. 

Hagerman teaches a secure fibre channel communication network utilizing 
security association identifiers associated with frames which correspond to an entry in a 
security database (col. 3 lines 43-47; col.7 lines 1 1-34) and encrypting the first portion of 
the frame by using algorithm information contained in the entry in the security database 
(col.7 lines 1 1-34). Hagerman goes on to teach the use of authentication within his 
system to provide for additional security (Abstract, col. 3 lines 23-42). 

It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to include within Hawe the authentication, security database, and 
encryption utilizing the security database as described in Hagerman to provide 
increased levels of security and overall scalability. 

As per claim 37, the combined method of Hawe and Hagerman teaches wherein 
the entry in the security database was created after a fibre channel network 
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authentication sequence between the first and second network entities (Hagerman col. 7 
lines 1-10). 

As per claim 38, the combined method of Hawe and Hagerman teaches wherein 
the payload is encapsulated using the Authentication Header protocol or the 
Encapsulating Security Payload protocol (Hagerman col. 7 lines 1-10). 

As per claim 39, the combined method of Hawe and Hagerman teaches adding 
security information to the header of the fibre channel frame (Hagerman col. 3 lines 23- 
33). 

As per claim 40, the combined method of Hawe and Hagerman teaches wherein 
a first portion of the fibre channel frame is encrypted using DES, 3DES, or AES 
(Hagerman col. 7 lines 1-10). 

As per claim 41, the combined method of Hawe and Hagerman teaches wherein 
parameters in the header are normalized prior to encrypting the first portion of the fibre 
channel frame (Hagerman col. 3 lines 48-53). 

As per claim 42, the combined method of Hawe and Hagerman teaches wherein 
the payload is padded prior to encrypting the first portion of the fibre channel frame 
(Hagerman col. 5 lines 3-25). 
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As per claim 43, Hagerman teaches computing authentication data using key 
and algorithm information as well as a second portion of the fibre channel frame 
(Hagerman col. 5 lines 15-25). 

As per claim 44, the combined method of Hawe and Hagerman teaches wherein 
authentication data is computed using MD5 or SHA1 (Hagerman col. 3 lines 34-42; col. 7 
lines 35-44). 

As per claim 45, the combined method of Hawe and Hagerman teaches wherein 
the authentication sequence is a fibre channel login sequence between the first and 
second network entities (Hagerman col.3 lines 34-47). 

As per claim 46, the combined method of Hawe and Hagerman teaches wherein 
the login sequence is a PLOGI or FLOGI sequence (Hagerman col. 6 lines 6-13). 

As per claim 47, the combined method of Hawe and Hagerman teaches wherein 
the first and second network entities are domain controllers and the authentication 
sequence is a FC-CT sequence or an SW-ILS message (Hagerman col.1 lines 28-40; 
col.6 lines 6-14). 

Claim 48 corresponds to an apparatus employing the method described in claim 
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Claim 49 corresponds to an apparatus employing the method described in claim 
37 and is rejected accordingly. 

As per claim 50, Hawe teaches an apparatus for receiving encrypted frames in a 
fibre channel network having a first network entity and a second network entity, the 
apparatus comprising: means for identifying that the frame has been encrypted and 
authenticated (col. 6 lines 36-54); means to decrypt the eventually encrypted frame 
(col. 16 lines 1-14); 

Hawe fails to teach means to lookup the security parameters in a security 
database that allows de-encapsulation of the frame and means to verify that the 
message has been sent by the sender, and that has not been tampered with during its 
transmission. 

Hagerman teaches a secure fibre channel communication network utilizing 
security association identifiers associated with frames which correspond to an entry in a 
security database (col. 3 lines 43-47; col.7 lines 11-34) and decrypting the first portion of 
the frame by using algorithm information contained in the entry in the security database 
(col.7 lines 1 1-34). Hagerman goes on to teach the use of authentication in order to 
verify that messages have been sent by the sender, and that they have not been 
tampered with during transmission (Abstract, col. 3 lines 23-42). 
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It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to include within Hawe the authentication, security database, and 
decryption utilizing the security database as described in Hagerman to provide 
increased levels of security and overall scalability. 

Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Tamara Teslovich whose telephone number is 
(571)272-4241 . The examiner can normally be reached on Mon-Fri 8-4:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel Moise can be reached on (571) 272-3865. The fax phone 
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number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/Tamara Teslovich/ 
Examiner, Art Unit 2137 

/Emmanuel L. Moise/ 

Supervisory Patent Examiner, Art Unit 2137 



